Biblio

Information-Centric Networking (ICN) is among the promising architecture that can drive the need and versatility towards the future generation (xG) needs. In the future, support for network communication relies on the area of telemedicine, autonomous vehicles, and disaster recovery. In the disaster recovery case, there is a high possibility where the communication path is severed. Multicast communication and DTN-friendly route algorithm are becoming suitable options to send a packet message to get a faster response and to see any of the nodes available for service, this approach could give burden to the core network. Also, during disaster cases, many people would like to communicate, receive help, and find family members. Flooding the already disturbed/severed network will further reduce communication performance efficiency even further. Thus, this study takes into consideration prioritization factors to allow networks to process and delivering priority content. For this purpose, the proposed technique introduces the Routable Prefix Identifier (RP-ID) that takes into account the prioritization factor to enable optimization in Delay Tolerant ICN communication.

5G and beyond 5G low power wireless networks make Internet of Things (IoT) and Cyber-Physical Systems (CPS) applications capable of serving massive amounts of devices and machines. Due to the broadcast nature of wireless networks, it is crucial to secure the communication between these devices and machines from spoofing and interception attacks. This paper is concerned with the security of carrier frequency offset (CFO) based continuous physical layer authentication. The interaction between an attacker and a defender is modeled as a dynamic discrete leader-follower game with imperfect information. In the considered model, a legitimate user (Alice) communicates with the defender/operator (Bob) and is authorized by her CFO continuously. The attacker (Eve), by listening/eavesdropping the communication between Alice and Bob, tries to learn the CFO characteristics of Alice and aims to inject malicious packets to Bob by impersonating Alice. First, by showing that the optimal attacker strategy is a threshold policy, an optimization problem of the attacker with exponentially growing action space is reduced to a tractable integer optimization problem with a single parameter, then the corresponding defender cost is derived. Extensive simulations illustrate the characteristics of optimal strategies/utilities of the players depending on the actions, and show that the defender’s optimal false positive rate causes attack success probabilities to be in the order of 0.99. The results show the importance of the parameters while finding the balance between system security and efficiency.

Adversarial machine learning calculations handle adversarial instance age, producing bogus data information with the ability to fool any machine learning model. As the word implies, “foe” refers to a rival, whereas “rival” refers to a foe. In order to strengthen the machine learning models, this section discusses about the weakness of machine learning models and how effectively the misinterpretation occurs during the learning cycle. As definite as it is, existing methods such as creating adversarial models and devising powerful ML computations, frequently ignore semantics and the general skeleton including ML section. This research work develops an adversarial learning calculation by considering the coordinated portrayal by considering all the characteristics and Convolutional Neural Networks (CNN) explicitly. Figuring will most likely express minimal adjustments via data transport represented over positive and negative class markings, as well as a specific subsequent data flow misclassified by CNN. The final results recommend a certain game theory and formative figuring, which obtain incredible favored ensuring about significant learning models against the execution of shortcomings, which are reproduced as attack circumstances against various adversaries.

Differentially private (DP) machine learning allows us to train models on private data while limiting data leakage. DP formalizes this data leakage through a cryptographic game, where an adversary must predict if a model was trained on a dataset D, or a dataset D′ that differs in just one example. If observing the training algorithm does not meaningfully increase the adversary's odds of successfully guessing which dataset the model was trained on, then the algorithm is said to be differentially private. Hence, the purpose of privacy analysis is to upper bound the probability that any adversary could successfully guess which dataset the model was trained on.In our paper, we instantiate this hypothetical adversary in order to establish lower bounds on the probability that this distinguishing game can be won. We use this adversary to evaluate the importance of the adversary capabilities allowed in the privacy analysis of DP training algorithms.For DP-SGD, the most common method for training neural networks with differential privacy, our lower bounds are tight and match the theoretical upper bound. This implies that in order to prove better upper bounds, it will be necessary to make use of additional assumptions. Fortunately, we find that our attacks are significantly weaker when additional (realistic) restrictions are put in place on the adversary's capabilities. Thus, in the practical setting common to many real-world deployments, there is a gap between our lower bounds and the upper bounds provided by the analysis: differential privacy is conservative and adversaries may not be able to leak as much information as suggested by the theoretical bound.

The Internet of vehicles is emerging as an exciting application to improve safety and providing better services in the form of active road signs, pay-as-you-go insurance, electronic toll, and fleet management. Internet connected vehicles are exposed to new attack vectors in the form of cyber threats and with the increasing trend of cyber attacks, the success of autonomous vehicles depends on their security. Existing techniques for IoV security are based on the un-realistic assumption that all the vehicles are equipped with the same hardware (at least in terms of computational capabilities). However, the hardware platforms used by various vehicle manufacturers are highly heterogeneous. Therefore, a security protocol designed for IoVs should be able to detect the computational capabilities of the underlying platform and adjust the security primitives accordingly. To solve this issue, this paper presents a technique for algorithm-hardware separation for IoV security. The proposed technique uses an iterative routine and the corresponding execution time to detect the computational capabilities of a hardware platform using an artificial intelligence based inference engine. The results on three different commonly used micro-controllers show that the proposed technique can effectively detect the type of hardware platform with up to 100% accuracy.

Authentication, forms an important step in any security system to allow access to resources that are to be restricted. In this paper, we propose a novel artificial intelligence-assisted risk-based two-factor authentication method. We begin with the details of existing systems in use and then compare the two systems viz: Two Factor Authentication (2FA), Risk-Based Two Factor Authentication (RB-2FA) with each other followed by our proposed AIA-RB-2FA method. The proposed method starts by recording the user features every time the user logs in and learns from the user behavior. Once sufficient data is recorded which could train the AI model, the system starts monitoring each login attempt and predicts whether the user is the owner of the account they are trying to access. If they are not, then we fallback to 2FA.

The mishandled passenger baggage in aviation industry is still a big problem. This research is focused on designing a baggage handling system (BHS) at the airport for identifying and tracking of passenger baggage based on RFID technology. The proposed BHS system consists of hardware device to identify the baggage and the cloud-based tracking application. The BHS device is designed based on UHF passive RFID technology and IoT technology. The device can be used as handheld device in check-in counter and arrival area. The device can also be used as a fixed device in screening, sortation, and transition belt conveyer. The BHS device consists of RFID reader module, a microcontroller, LCD, keypad, a WiFi module and a storage device. The user and airport staff can track the luggage position and its status through dashboard application.

In the Internet of Things, it is more important than ever to effectively address the problem of secure transmission based on steganographic substitution by synthesizing digital sensor data. In this case, the degree to which the grayscale message is obscured is a necessary issue. To ensure information security in IoT systems, various methods are used and information security problems are solved to one degree or another. The article proposes a method and algorithm for a computer image in grayscale, in which the value of each pixel is one sample, representing the amount of light, carrying only information about the intensity. The proposed method in grayscale using steganographic coding provides a secure implementation of data transmission in the IoT system. Study results were analyzed using PSNR (Peak Signal to Noise Ratio).

Nowadays, web vulnerability is a critical issue in web applications. Web developers develop web applications, but sometimes they are not very well-versed with security concerns, thereby creating loopholes for the vulnerabilities. If a web application is developed without considering security, it is harmful for the client and the company. Different types of vulnerabilities encounter during the web application development process. Therefore, vulnerability identification is a crucial and critical task from a web application development perspective. It is vigorous to secure them from the earliest development life cycle process. In this paper, we have analyzed and classified vulnerabilities related to web application security during the development phases. Here, the concern is to identify a weakness, countermeasure, confidentiality impact, access complexity, and severity level, which affect the web application security.

Steganography is the method of hiding one type of information into other type of information, hiding a secret a message in a cover so that others can't know the presence of the secret information. It provides an extra layer of security in communication and information sharing. Security is an important aspect of the communication process; everyone want security in communication. The main purpose of this paper is to introduce security of information that people share among them. In this paper we are presenting different methods of substitution techniques of image steganography and their comparison. Least significant bit and most significant bit substitution techniques are used. Information is hidden in an image file and then decoded back for the secret message. Hiding the presence of any hidden information makes this more secure. This implementation can be used by secret service agencies and also common people for secure communication.

With the development of information technology, the Internet of things (IOT) has gradually become the third wave of global information industry revolution after computer and Internet. Artificial intelligence (AI) and IOT technology is an important prerequisite for the rapid development of the current information society. However, while AI and IOT technologies bring convenient and intelligent services to people, they also have many defects and imperfect development. Therefore, it is necessary to pay more attention to the development of AI and IOT technologies, actively improve the application system, and create a network security management system for AI and IOT applications that can timely detect intrusion, assess risk and prevent viruses. In this paper, the network security risks caused by AI and IOT applications are analyzed. Therefore, in order to ensure the security of IOT environment, network security and privacy security have become the primary problems to be solved, and management should be strengthened from technical to legal aspects.

In proof-of-stake (PoS) blockchains, stakeholders that extend the chain are selected according to the amount of stake they own. In S&P 2019 the "Ouroboros Crypsinous" system of Kerber et al. (and concurrently Ganesh et al. in EUROCRYPT 2019) presented a mechanism that hides the identity of the stakeholder when adding blocks, hence preserving anonymity of stakeholders both during payment and mining in the Ouroboros blockchain. They focus on anonymizing the messages of the blockchain protocol, but suggest that potential identity leaks from the network-layer can be removed as well by employing anonymous broadcast channels.In this work we show that this intuition is flawed. Even ideal anonymous broadcast channels do not suffice to protect the identity of the stakeholder who proposes a block.We make the following contributions. First, we show a formal network-attack against Ouroboros Crypsinous, where the adversary can leverage network delays to distinguish who is the stakeholder that added a block on the blockchain. Second, we abstract the above attack and show that whenever the adversary has control over the network delay – within the synchrony bound – loss of anonymity is inherent for any protocol that provides liveness guarantees. We do so, by first proving that it is impossible to devise a (deterministic) state-machine replication protocol that achieves basic liveness guarantees and better than (1-2f) anonymity at the same time (where f is the fraction of corrupted parties). We then connect this result to the PoS setting by presenting the tagging and reverse tagging attack that allows an adversary, across several executions of the PoS protocol, to learn the stake of a target node, by simply delaying messages for the target. We demonstrate that our assumption on the delaying power of the adversary is realistic by describing how our attack could be mounted over the Zcash blockchain network (even when Tor is used). We conclude by suggesting approaches that can mitigate such attacks.

In view of the current status of Internet of Things applications and related security problems, the architecture system of Internet of Things applications based on block chain is introduced. First, it introduces the concepts related to blockchain technology, introduces the architecture system of iot application based on blockchain, and discusses its overall architecture design, key technologies and functional structure design. The product embodies the whole process of the Internet of Things platform on the basis of blockchain, which builds an infrastructure based on the Internet of Things and solves the increasingly serious security problems in the Internet of Things through the technical characteristics of decentralization.

Application of cryptography and how various encryption algorithms methods are used to encrypt and decrypt data that traverse the network is relevant in securing information flows. Implementing cryptography in a secure network environment requires the application of secret keys, public keys, and hash functions to ensure data confidentiality, integrity, authentication, and non-repudiation. However, providing secure communications to prevent interception, interruption, modification, and fabrication on network systems has been challenging. Cyberattacks are deploying various methods and techniques to break into network systems to exploit digital signatures, VPNs, and others. Thus, it has become imperative to consider applying techniques to provide secure and trustworthy communication and computing using cryptography methods. The paper explores applied cryptography concepts in information and network systems security to prevent cyberattacks and improve secure communications. The contribution of the paper is threefold: First, we consider the various cyberattacks on the different cryptography algorithms in symmetric, asymmetric, and hashing functions. Secondly, we apply the various RSA methods on a network system environment to determine how the cyberattack could intercept, interrupt, modify, and fabricate information. Finally, we discuss the secure implementations methods and recommendations to improve security controls. Our results show that we could apply cryptography methods to identify vulnerabilities in the RSA algorithm in secure computing and communications networks.

The article discusses an approach to identifying the uncertainty of initial information based on the theory of fuzzy logic. A system of criteria for initial information is proposed, calculated on the basis of the input sample, and characterizing the measure of uncertainty present in the system. The basic requirements for the choice of membership functions of the fuzzy inference system are indicated and the final integrated output membership function is obtained, which describes the type of uncertainty of the initial information.

Fault injection is a major threat to embedded system security since it can lead to modified control flows and leakage of critical security parameters, such as secret keys. However, injecting physical faults into devices is cumbersome and difficult since it requires a lot of preparation and manual inspection of the assembly instructions. Furthermore, a single fault injection method cannot cover all possible fault types. Simulating fault injection in comparison, is, in general, less costly, more time-efficient, and can cover a large amount of possible fault combinations. Hence, many different fault injection tools have been developed for this purpose. However, previous tools have several drawbacks since they target only individual architectures or cover merely a limited amount of the possible fault types for only specific memory types. In this paper, we present ARCHIE, a QEMU-based architecture-independent fault evaluation tool, that is able to simulate transient and permanent instruction and data faults in RAM, flash, and processor registers. ARCHIE supports dynamic code analysis and parallelized execution. It makes use of the Tiny Code Generator (TCG) plugin, which we extended with our fault plugin to enable read and write operations from and to guest memory. We demonstrate ARCHIE’s capabilities through automatic binary analysis of two exemplary applications, TinyAES and a secure bootloader, and validate our tool’s results in a laser fault injection experiment. We show that ARCHIE can be run both on a server with extensive resources and on a common laptop. ARCHIE can be applied to a wide range of use cases for analyzing and enhancing open source and proprietary firmware in white, grey, or black box tests.

This paper studies the technology of generating DDPG (deep deterministic policy gradient) by using the deep dual network and experience pool network structure, and puts forward the sampling strategy gradient algorithm to randomly select actions according to the learned strategies (action distribution) in the continuous action space, based on the dispatching control system of the power dispatching control center of a super city power grid, According to the actual characteristics and operation needs of urban power grid, The developed refined artificial intelligence on-line security analysis and emergency response plan intelligent generation function realize the emergency response auxiliary decision-making intelligent generation function. According to the hidden danger of overload and overload found in the online safety analysis, the relevant load lines of the equipment are searched automatically. Through the topology automatic analysis, the load transfer mode is searched to eliminate or reduce the overload or overload of the equipment. For a variety of load transfer modes, the evaluation index of the scheme is established, and the optimal load transfer mode is intelligently selected. Based on the D5000 system of Metropolitan power grid, a multi-objective and multi resource coordinated security risk decision-making assistant system is implemented, which provides integrated security early warning and decision support for the main network and distribution network of city power grid. The intelligent level of power grid dispatching management and dispatching operation is improved. The state reality network can analyze the joint state observations from the action reality network, and the state estimation network uses the actor action as the input. In the continuous action space task, DDPG is better than dqn and its convergence speed is faster.

Cybersecurity is becoming very crucial in the today's world where technology is now not limited to just computers, smartphones, etc. It is slowly entering into things that are used on daily basis like home appliances, automobiles, etc. Thus, opening a new door for people with wrong intent. With the increase in speed of technology dealing with such issues also requires quick response from security people. Thus, dealing with huge variety of devices quickly will require some extent of automation in this field. Generating threat intelligence automatically and also including those which are multilingual will also add plus point to prevent well known major attacks. Here we are proposing an AI based SOAR system in which the data from various sources like firewalls, IDS, etc. is collected with individual event profiling using a deep-learning detection method. For this the very first step is that the collected data from different sources will be converted into a standardized format i.e. to categorize the data collected from different sources. For standardized format Here our system finds out about the true positive alert for which the appropriate/ needful steps will be taken such as the generation of Indicators of Compromise report and the additional evidences with the help of Security Information and Event Management system. The security alerts will be notified to the security teams with the degree of threat.

The use of video surveillance (VS) has grown significantly using the internet as a platform. Thus security issues on such videos must be addressed. Video frames can have multiple objects and various features over video length. Moving object detection (MOD) and real-time tracking requires security strategies designed to protect videos. This paper is proposed to design an asymmetric encryption method (RSA). The paper has contributed in two stages. In the first phase the fast video segmentation method based on a global variable threshold is designed to facilitate MOD. Later in second pass the RSA-based encryption is used to maintain the efficiency of the object detection. The secure key generation method is demonstrated. The performances of two global thresholds are demonstrated and compared under the encrypted video data. It is found that that method is very effective in finding objects under the context of video surveillance in real time.

The Internet of Vehicles (IoV) can offer safe and comfortable driving experiences with the cooperation communications between central servers and cache-enabled road side units (RSUs) as edge severs, which also can provide high-speed, high-quality and high-stability communication access for vehicle users (VUs). However, due to the huge popular traffic volume, the burden of backhaul link will be seriously enlarged, which will greatly degrade the service experience of the IoV. In order to alleviate the backhaul load of IoV network, in this paper, we propose an asynchronous coded caching strategy composed of two phases, i.e., content placement and asynchronous coded transmission. The asynchronous request and request deadline are closely considered to design our asynchronous coded transmission algorithm. Also, we derive the close-form expression of average backhaul load under the nonuniform demands of IoV users. Finally, we formulate an optimization problem of minimizing average backhaul load and obtain the optimized content placement vector. Simulation results verify the feasibility of our proposed strategy under the asynchronous situation.

Ciphertext Policy Attribute-Based Encryption (CPABE) has gained popularity in the research area among the many proposed security models for providing fine-grained access control of data. Lightweight ECC-based CP-ABE schemes can provide feasible selective sharing from resource-constrained devices. However, the existing schemes lack support for a complete revocation mechanism at the user and attribute levels. We propose a novel scheme called Ecc Proxy based Scalable Attribute Revocation (EPSAR-CP-ABE) scheme. It extends an existing ECC-based CP-ABE scheme for lightweight IoT and smart-card devices to implement scalable attribute revocation. The scheme does not require re-distribution of secret keys and re-encryption of ciphertext. It uses a proxy server to furnish a proxy component for decryption. The dependency of the proposed scheme is minimal on the proxy server compared to the other related schemes. The storage and computational overhead due to the attribute revocation feature are negligible. Hence, the proposed EPSAR-CP-ABE scheme can be deployed practically for resource-constrained devices.

In the current scenario we are facing the issue of real view which is object deal with image or in virtual world for such kind of difficulties the Augmented Reality has came into existence (AR). This paper deal with Augmented Reality Search (ARS). In this Augmented Reality Search (ARS) just user have to make the voice command and the Augmented Reality Search (ARS) will provide you real view of that object. Consider real world scenario where a student searched for NIT Bangalore then it will show the real view of that campus.

Security and privacy threat modeling is commonly applied to systematically identify and address design-level security and privacy concerns in the early stages of architecture and design. Identifying and resolving these threats should remain a continuous concern during the development lifecycle. Especially with contemporary agile development practices, a single-shot upfront analysis becomes quickly outdated. Despite it being explicitly recommended by experts, existing threat modeling approaches focus largely on early development phases and provide limited support during later implementation phases.In this paper, we present an integrated threat analysis toolchain to support automated, continuous threat elicitation, assessment, and mitigation as part of a continuous integration pipeline in the GitLab DevOps platform. This type of automation allows for continuous attention to security and privacy threats during development at the level of individual commits, supports monitoring and managing the progress in addressing security and privacy threats over time, and enables more advanced and fine-grained analyses such as assessing the impact of proposed changes in different code branches or merge/pull requests by analyzing the changes to the threat model.

The Linux kernel is implemented in C, an unsafe programming language, which puts the burden of memory management, type and bounds checking, and error handling in the hands of the developer. Hundreds of buffer overflow bugs have compromised Linux systems over the years, leading to endless layers of mitigations applied on top of C. In contrast, the D programming language offers automated memory safety checks and modern features such as OOP, templates and functional style constructs. In addition, interoper-ability with C is supported out of the box. However, to integrate a D module with the Linux kernel it is required that the needed C header files are translated to D header files. This is a tedious, time consuming, manual task. Although a tool to automate this process exists, called DPP, it does not work with the complicated, sometimes convoluted, kernel code. In this paper, we improve DPP with the ability to translate any Linux kernel C header to D. Our work enables the development and integration of D code inside the Linux kernel, thus facilitating a method of making the kernel memory safe.

Security has become an important issue in an IT system of an organization. Each IT component has to be configured correctly, otherwise the risk of attack could increase. An important component is networking device such as router and switch. To avoid this misconfiguration, a well-known process called audit is used. There are several auditing tools both commercial and open-source. However, none of the existing tools that are open-source can automatically audit the security settings of networking device based on standard e.g., CIS benchmark. We, thus propose a tool that can verify the networking device automatically based on best practices so that auditors can conveniently check as well as issue a report.